Lucene search

[email protected]CVE-2005-4595

HistoryJan 01, 2006 - 11:00 p.m.

CVE-2005-4595

2006-01-0123:00:00

[email protected]

web.nvd.nist.gov

cve-2005-4595

untrusted search path vulnerability

rpath

xnview

nview

gentoo linux

local users

arbitrary code

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory.

Affected configurations

NVD

Node

gentoonviewMatch4.51

gentooxnviewMatch1.70

CPENameOperatorVersion
gentoo:nviewgentoo nvieweq4.51
gentoo:xnviewgentoo xnvieweq1.70

CPE	Name	Operator	Version
gentoo:nview	gentoo nview	eq	4.51
gentoo:xnview	gentoo xnview	eq	1.70

References

bugs.gentoo.org/show_bug.cgi?id=117063

secunia.com/advisories/18235

secunia.com/advisories/18240

www.gentoo.org/security/en/glsa/glsa-200512-18.xml

www.osvdb.org/22093

www.osvdb.org/22094

www.securityfocus.com/bid/16087

exchange.xforce.ibmcloud.com/vulnerabilities/23910

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

Related for CVE-2005-4595

gentoo1 openvas2 cvelist1 nvd1 nessus1